\section{Limitations of Original Work}

We noticed that the authors of the original paper~\cite{Zhou:2005:APS:1085126.1085127}
suggested that the dealer use several different initial sharings of the same secret,
which in turn requires a coordinator to select which version of the shares to use in
share refreshing. The authors claim that this would help mitigate the
exponential blowup in the number of subshares that have to be communicated and
stored at each server.

However, we feel that this is counterintuitive, because it requires each
server to store the above sets of initial sharings by the dealer.
This makes the attacker's life much easier: the attacker has more chances of
collecting the required share sets, which would drastically increase its
probability of success.

Therefore we decided against the proposed optimization and implemented the 
verifiable secret sharing scheme relying on a single sharing by the dealer.


